// SPDX-License-Identifier: GPL-2.0-only
///
/// From Documentation/filesystems/sysfs.txt:
///  show() must not use snprintf() when formatting the value to be
///  returned to user space. If you can guarantee that an overflow
///  will never happen you can use sprintf() otherwise you must use
///  scnprintf().
///
/// Rationale: snprintf() returns the length the output would have had
/// without truncation, so a show() that returns it can report more bytes
/// than were written to buf; scnprintf() returns the count actually written.
///
// Confidence: High
// Copyright: (C) 2020 Denis Efremov ISPRAS
// Options: --no-includes --include-headers
//
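// Virtual rule names. Each rule below is switched on or off through its
// "depends on" clause according to which of these is defined when spatch
// is invoked (e.g. -D report).
// (Listing line numbers that had been fused onto each line were removed;
// with them the file is not valid SmPL.)
virtual report
virtual org
virtual context
virtual patch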
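// Rule r (every mode except patch): match any function that has the
// device-attribute show() signature and record, in position p, each
// statement of the form "return snprintf(...);". The leading "*" marks
// the statement for context-mode output; the report and org script rules
// read p.
//
// Why this is flagged: snprintf() returns the untruncated length, so the
// count returned to the sysfs core can be larger than what is in buf.
//
// Coverage caveats:
//  - "show" is an identifier metavariable, so the match is by signature
//    only; a function with this prototype that is not a sysfs callback
//    is reported too.
//  - Only a direct "return snprintf(...)" is matched. A result stored in a
//    local and returned later, or accumulated with "+=", is not caught and
//    still needs manual review.
// (Listing line numbers fused onto each line were removed so the rule
// parses as SmPL.)
@r depends on !patch@
identifier show, dev, attr, buf;
position p;
@@

ssize_t show(struct device *dev, struct device_attribute *attr, char *buf)
{
	<...
*	return snprintf@p(...);
	...>
}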
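// Rule rp (patch mode): same function match as rule r, rewriting the
// callee of "return snprintf(...)" to scnprintf().
//
// The argument list "(...)" is left untouched, so the size bound chosen by
// the driver is kept as written. The generated patch corrects the returned
// count only; a wrong size argument still has to be caught in review.
//
// NOTE(review): kernels that provide sysfs_emit() prefer it in show()
// callbacks; this rule only proposes scnprintf(). Check what the target
// tree expects before applying the output.
// (Listing line numbers fused onto each line were removed so the rule
// parses as SmPL.)
@rp depends on patch@
identifier show, dev, attr, buf;
@@

ssize_t show(struct device *dev, struct device_attribute *attr, char *buf)
{
	<...
	return
-		snprintf
+		scnprintf
			(...);
	...>
}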
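// Report mode: print one warning for each position p recorded by rule r.
// The message offers sprintf() as an alternative; per the sysfs
// documentation quoted in the file header, that is acceptable only when
// overflow of buf can be ruled out.
// (Listing line numbers fused onto each line were removed so the rule
// parses as SmPL.)
@script: python depends on report@
p << r.p;
@@

coccilib.report.print_report(p[0], "WARNING: use scnprintf or sprintf")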
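// Org mode: emit one TODO entry for each position p recorded by rule r,
// with the same message text as the report-mode rule.
// (Listing line numbers fused onto each line were removed so the rule
// parses as SmPL.)
@script: python depends on org@
p << r.p;
@@

coccilib.org.print_todo(p[0], "WARNING: use scnprintf or sprintf")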